Thursday 16 April 2020

SubOver - A Powerful Subdomain Takeover Tool


Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful.

Installing
You need to have Python 2.7 installed on your machine. The following additional requirements are required -
  • dnspython
  • colorama
git clone https://github.com/Ice3man543/SubOver.git .
cd SubOver
# consider installing virtualenv
pip install -r requirements.txt
python subover.py -h

Usage
python subover.py -l subdomains.txt -o output_takeovers.txt
  • -l subdomains.txt is the list of target subdomains. These can be discovered using various tool such as sublist3r or others.
  • -o output_takeovers.txtis the name of the output file. (Optional & Currently not very well formatted)
  • -t 20 is the default number of threads that SubOver will use. (Optional)
  • -V is the switch for showing verbose output. (Optional, Default=False)

Currently Checked Services
  • Github
  • Heroku
  • Unbounce
  • Tumblr
  • Shopify
  • Instapage
  • Desk
  • Tictail
  • Campaignmonitor
  • Cargocollective
  • Statuspage
  • Amazonaws
  • Cloudfront
  • Bitbucket
  • Squarespace
  • Smartling
  • Acquia
  • Fastly
  • Pantheon
  • Zendesk
  • Uservoice
  • WPEngine
  • Ghost
  • Freshdesk
  • Pingdom
  • Tilda
  • Wordpress
  • Teamwork
  • Helpjuice
  • Helpscout
  • Cargo
  • Feedpress
  • Freshdesk
  • Surge
  • Surveygizmo
  • Mashery
Count : 36

FAQ
Q: What should my wordlist look like?
A: Your wordlist should include a list of subdomains you're checking and should look something like:
backend.example.com
something.someone.com
apo-setup.fxc.something.com

Your tool sucks!
Yes, you're probably correct. Feel free to:
  • Not use it.
  • Show me how to do it better.

Contact
Twitter: @Ice3man543

Credits


Related posts


  1. Wifi Hacker Tools For Windows
  2. Hacker Tools Apk
  3. Hacker Tools For Ios
  4. Pentest Tools For Windows
  5. Hacker Tools Free
  6. Hack Tools Download
  7. Hack Tools 2019
  8. New Hacker Tools
  9. Black Hat Hacker Tools
  10. Hacker Tool Kit
  11. Top Pentest Tools
  12. Hack Tool Apk No Root
  13. Hacker Tools For Mac
  14. Pentest Tools Linux
  15. Pentest Automation Tools
  16. Hack Tools Download
  17. Hacking Tools Name
  18. Hacking Tools Windows 10
  19. Hack Tools For Games
  20. Hacker Search Tools
  21. Pentest Tools Kali Linux
  22. Hacking Tools Software
  23. Hacking Tools 2020
  24. Ethical Hacker Tools
  25. Pentest Tools Alternative
  26. Hacker Tools For Ios
  27. Hacking App
  28. Hacking Tools For Beginners
  29. Pentest Tools Apk
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)